ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-001 All Questions

View all questions & answers for the PT0-001 exam
Go to Exam

Exam PT0-001 topic 1 question 111 discussion

Actual exam question from CompTIA's PT0-001
Question #: 111
Topic #: 1
[All PT0-001 Questions]

A company planned for and secured the budget to hire a consultant to perform a web application penetration test. Upon discovering vulnerabilities, the company asked the consultant to perform the following tasks:
✑ Code review
✑ Updates to firewall settings
Which of the following has occurred in this situation?

  • A. Scope creep
  • B. Post-mortem review
  • C. Risk acceptance
  • D. Threat prevention
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by mr_robot at April 16, 2020, 4:30 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mr_robot
Highly Voted 5 years ago
PenTest+ Practice Tests Book A. - A scope creep, or the addition of more items and targets to the scope of the assessment, is a constant menace for penetration testing. During the scoping phase, a tester is unlikely to know all of the details of what may be uncovered, and during the assessment itself, a tester may encounter unexpected new targets. Scope creep refers to how a project’s requirements tend to increase over a project life cycle.
upvoted 15 times
...
miabe
Most Recent 2 years, 9 months ago
Selected Answer: A
looks good to me
upvoted 1 times
...
baybay
3 years, 1 month ago
Selected Answer: A
Scope creep
upvoted 1 times
...
Cock
3 years, 2 months ago
Selected Answer: A
It was on the exam
upvoted 2 times
...
casandre123
3 years, 6 months ago
People... in questions as easy as this one is where we see how irresponsible some participants are in adding an argument comment while clearly not understanding the topic.. Sure, some commands are tricky and a single quote changes the whole syntax.. but this... This is textbook scope creep.
upvoted 2 times
...
mrfstop
3 years, 8 months ago
Are we sure this isn't D? "Upon discovering" seem to be the keywords for this questions.
upvoted 1 times
...
drummel
3 years, 10 months ago
A, agree he was not INITIALLY (as per SOW) to do those extra activities!
upvoted 2 times
drummel
3 years, 10 months ago
observe "upon dicovery"...
upvoted 1 times
MrRiver
3 years, 7 months ago
Even if the Pen-Tester Discovers a Vulnerabilliy its not his job to Fix the Vulnerability. He could state recommendeations like: Do a code review but mosty likley no his job if not mentioned in the Statement of work. And as the tester was hired to do a web application pen test a request to reconfigure a Firewall definityl like a scope creep.
upvoted 5 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago